<?php
 

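/* Marker constant defined before any include; presumably the included files
   check it to refuse direct access - confirm in the includes. */
define('IN_SCRIPT',1);

/* Load the settings, the configured language pack and the shared helpers.
   The language path is built from $hd_settings['language'], so that setting
   must never be influenced by request data. */
require_once('hd_settings.inc.php');
require_once('language/'.$hd_settings['language'].'.inc.php');
require_once('inc/common.inc.php');

/* Anti-SPAM image: when it is enabled and the "add" form is requested, store
   a fresh 5-digit number in the session together with a checksum derived
   from it via crypt(), salted with $hd_settings['secimg_sum'].
   isset() keeps a request without the "a" parameter from raising an
   undefined-index notice.
   NOTE(review): rand() is not a cryptographically secure generator and the
   number space is only 90,000 values, so this challenge is weak against
   automated guessing unless attempts are limited elsewhere. */
if ($hd_settings['secimg_use'] && isset($_REQUEST['a']) && $_REQUEST['a']=='add') {
        hd_session_start();
        $_SESSION['secnum']=rand(10000,99999);
        $_SESSION['checksum']=crypt($_SESSION['secnum'],$hd_settings['secimg_sum']);
}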

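/* Print header */
require_once('inc/header.inc.php');

/* Decide which page to render. The requested action is passed through
   hd_input() first; a missing parameter is handed over as null, the value
   the original expression produced, but without the undefined-index notice.
   An empty result falls back to the start page. */
$action=hd_input(isset($_REQUEST['a']) ? $_REQUEST['a'] : null);
if (!$action) {
    $action='start';
}

/* Only the actions listed here are dispatched; anything else is rejected
   with the generic "invalid action" message. */
switch ($action) {
    case 'start':
        print_start();
        break;
    case 'add':
        print_add_request();
        break;
    case 'forgot_tid':
        forgot_tid();
        break;
    default:
        hd_error($hdlang['invalid_action']);
}

/* Print footer */
require_once('inc/footer.inc.php');
exit();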

/*** START FUNCTIONS ***/

/**
 * Print the "submit a request" page: breadcrumb, contact fields, residence
 * and priority selectors, optional custom fields, subject/message, optional
 * attachment inputs, optional anti-SPAM image and the submit button.
 *
 * The form is posted as multipart/form-data to submit_request.php. Text
 * fields are pre-filled from $_SESSION['c_*'] after passing through
 * hd_input() and stripslashes().
 *
 * Reads the globals $hd_settings and $hdlang and writes HTML straight to the
 * output. The markup starts by closing a table cell and row, so it presumably
 * depends on a layout table opened in inc/header.inc.php - confirm there.
 */
function print_add_request() {
global $hd_settings, $hdlang;
?>

<p class="smaller"><a href="<?php echo $hd_settings['site_url']; ?>"
class="smaller"><?php echo $hd_settings['site_title']; ?></a> &gt;
<a href="index.php?a=start" class="smaller"><?php echo $hd_settings['hd_title']; ?></a>
&gt; <?php echo $hdlang['submit_request']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<h3><?php echo $hdlang['submit_request']; ?></h3>

<p><?php echo $hdlang['use_form_below']; ?>
<font class="important"> *</font></p>

<form method="POST" action="submit_request.php" name="form1" enctype="multipart/form-data">

<table border="0" cellspacing="0" cellpadding="5" size="750">
<tr>
<td>

<!-- Contact info -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hdlang['name']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="name" size="25" maxlength="30" value="<?php echo stripslashes(hd_input($_SESSION['c_name']));?>"></td>
</tr>
<tr>
<td align="right" width="150"><?php echo $hdlang['email']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="email" size="30" maxlength="50" value="<?php echo stripslashes(hd_input($_SESSION['c_email']));?>"></td>
</tr>
</table>

<hr>

<!-- Department and priority -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hdlang['residence']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><select name="residence">
<?php
/* Build the residence <option> list from the hd_residences table, ordered by
   cat_order. */
require_once('inc/database.inc.php');

/* NOTE(review): on a failed query the message handed to hd_error() contains
   the full SQL text and the mysql_error() output, so database details can
   reach an anonymous visitor - consider logging them server-side instead. */
hd_dbConnect() or hd_error("$hdlang[cant_connect_db] $hdlang[contact_webmsater] $hd_settings[webmaster_mail]!");
$sql = "SELECT * FROM `hd_residences` ORDER BY `cat_order` ASC";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
while ($row=hd_dbFetchAssoc($result))
{
    /* Re-select the residence remembered in the session, if any. */
    if ($_SESSION['c_category'] == $row['id']) {$selected = ' selected';}
    else {$selected = '';}
    /* NOTE(review): id and name are written into the markup without HTML
       escaping here; this is only safe if they are stored already encoded -
       verify how hd_residences rows are written. */
    echo '<option value="'.$row['id'].'"'.$selected.'>'.$row['name'].'</option>';
}

?>
</select></td>
</tr>
<tr>
<td align="right" width="150"><?php echo $hdlang['priority']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><select name="priority">
<option value="3" <?php if($_SESSION['c_priority']==3) {echo 'selected';} ?>><?php echo $hdlang['low']; ?></option>
<option value="2" <?php if($_SESSION['c_priority']==2) {echo 'selected';} ?>><?php echo $hdlang['medium']; ?></option>
<option value="1" <?php if($_SESSION['c_priority']==1) {echo 'selected';} ?>><?php echo $hdlang['high']; ?></option>
</select></td>
</tr>
</table>

<hr>

<!-- START CUSTOM BEFORE -->
<?php
/* Custom fields placed BEFORE the subject/message block: rendered only when
   custom fields are enabled and custom_place is 1. */
if ($hd_settings['use_custom'] && $hd_settings['custom_place']==1) {

    echo '<table border="0">';

    foreach ($hd_settings['custom_fields'] as $k=>$v) {
        if ($v['use']) {
            /* Turn the "required" flag into the red asterisk markup (or nothing). */
            if ($v['req']) {$v['req']='<font class="important">*</font>';}
            else {$v['req']='';}
            /* Pre-fill from the session value stored under "c_<field key>". */
            $k_value = stripslashes(hd_input($_SESSION["c_$k"]));
            echo <<<EOC
    <tr>
    <td align="right" width="150">$v[name]: $v[req]</td>
    <td align="left" width="600"><input type="text" name="$k" size="40" maxlength="$v[maxlen]" value="$k_value"></td>
    </tr>

EOC;
        }
    }

    echo '</table> <hr>';
}
?>
<!-- END CUSTOM BEFORE -->

<!-- request info -->
<table border="0">
<tr>
<td align="right" width="150"><?php echo $hdlang['subject']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><input type="text" name="subject" size="40" maxlength="40" value="<?php echo stripslashes(hd_input($_SESSION['c_subject']));?>"></td>
</tr>
<tr>
<td align="right" valign="top" width="150"><?php echo $hdlang['message']; ?>: <font class="important">*</font></td>
<td align="left" width="600"><textarea name="message" rows="12" cols="60"><?php echo stripslashes(hd_input($_SESSION['c_message']));?></textarea></td>
</tr>
</table>

<hr>

<!-- START CUSTOM AFTER -->
<?php
/* Custom fields placed AFTER the subject/message block: same rendering as
   above, used when custom_place is 0. */
if ($hd_settings['use_custom'] && $hd_settings['custom_place']==0) {

    echo '<table border="0">';

    foreach ($hd_settings['custom_fields'] as $k=>$v) {
        if ($v['use']) {
            /* Turn the "required" flag into the red asterisk markup (or nothing). */
            if ($v['req']) {$v['req']='<font class="important">*</font>';}
            else {$v['req']='';}
            /* Pre-fill from the session value stored under "c_<field key>". */
            $k_value = stripslashes(hd_input($_SESSION["c_$k"]));
            echo <<<EOC
    <tr>
    <td align="right" width="150">$v[name]: $v[req]</td>
    <td align="left" width="600"><input type="text" name="$k" size="40" maxlength="$v[maxlen]" value="$k_value"></td>
    </tr>

EOC;
        }
    }

    echo '</table> <hr>';
}
?>
<!-- END CUSTOM AFTER -->

<?php
/* Attachments: shown only when enabled in the settings.
   NOTE(review): the type list and size limit printed below are informational
   only; the upload handler (presumably submit_request.php) has to enforce
   them server-side. */
if ($hd_settings['attachments']['use']) {

?>
<table border="0">
<tr>
<td align="right" width="150" valign="top"><?php echo $hdlang['attachments']; ?>:</td>
<td align="left" width="600">
<p>

<?php
    /* One file input per allowed attachment, named attachment[1..max_number]. */
    for ($i=1;$i<=$hd_settings['attachments']['max_number'];$i++) {
        echo '<input type="file" name="attachment['.$i.']" size="50"><br>';
    }
?>

<?php echo$hdlang['accepted_types']; ?>: <?php echo '*'.implode(', *', $hd_settings['attachments']['allowed_types']); ?><br>
<?php echo $hdlang['max_file_size']; ?>: <?php echo $hd_settings['attachments']['max_size']; ?> Kb
(<?php echo sprintf("%01.2f",($hd_settings['attachments']['max_size']/1024)); ?> Mb)</p>
</td>
</tr>
</table>

<hr>
<?php
} // End attachments
?>

<!-- Submit -->
<div align="center">
<center>
<table border="0">
<tr>
<td>
<?php
/* Anti-SPAM image and its answer field (at most 5 characters). The random
   query string on the image URL is presumably a cache-buster; it is not the
   challenge value. */
if ($hd_settings['secimg_use']) {
    echo '<p>&nbsp;<br><img src="print_sec_img.php?'.rand(10000,99999).'" width="100" height="20" alt="'.$hdlang['sec_img'].'" border="1"><br>'.
    $hdlang['sec_enter'].': <input type="text" name="mysecnum" size="10" maxlength="5"></p>
    <p>';
} else {
    echo '<p>&nbsp;<br>';
}
?>
<b><?php echo $hdlang['before_submit']; ?></b>
<li><?php echo $hdlang['all_info_in']; ?>.</li>
<li><?php echo $hdlang['all_error_free']; ?>.</li>
</p>

<p><b><?php echo $hdlang['we_have']; ?>:</b>
<li><?php echo $_SERVER['REMOTE_ADDR'].' '.$hdlang['recorded_ip']; ?></li>
<li><?php echo $hdlang['recorded_time']; ?></li>
</p>

<p align="center"><input type="submit" value="<?php echo $hdlang['sub_request']; ?>" class="button"></p>

</form>

</td>
</tr>
</table>
</center>
</div>

</td>
</tr>
</table>
</center>
</div>

<?php
} // End print_add_request()


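/**
 * Print the help desk start page: a link to the request form, a GET form
 * that looks a request up by tracking ID on request.php, and a hidden
 * "forgot tracking ID" form that posts an e-mail address back to index.php
 * with a=forgot_tid.
 *
 * Reads the globals $hd_settings and $hdlang and writes HTML straight to the
 * output. The "forgot" form is now closed with </form> before its enclosing
 * <div> ends; the original left it open.
 */
function print_start() {
global $hd_settings, $hdlang;
?>

<p class="smaller"><a href="<?php echo $hd_settings['site_url']; ?>"
class="smaller"><?php echo $hd_settings['site_title']; ?></a> &gt;
<?php echo $hd_settings['hd_title']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<h3 align="center"><?php echo $hd_settings['hd_title']; ?></h3>

<p><b><?php echo $hdlang['open_request']; ?></b></p>

<p><a href="index.php?a=add"><?php echo $hdlang['sub_support']; ?></a> </p>

<hr>

<p><b><?php echo $hdlang['view_existing']; ?></b></p>

<p><form action="request.php" method="GET">
<?php echo $hdlang['trackID']; ?>: <input type="text" name="track">
<input type="hidden" name="Refresh" value="<?php /* random value, presumably a cache-buster */ echo rand(10000,99999); ?>">
<input type="submit" value="<?php echo $hdlang['view_request']; ?>" class="button">
</form></p>

<p><a href="Javascript:void(0)" onClick="Javascript:hd_toggleLayerDisplay('forgot')"><?php echo $hdlang['forgot_tid'];?></a></p>

<div id="forgot" style="display: none;">
<script language="javascript" type="text/javascript"><!--
function hd_checkEmail() {
d=document.form1;
if (d.email.value=='' || d.email.value.indexOf(".") == -1 || d.email.value.indexOf("@") == -1)
{alert('<?php
/* NOTE(review): the language string lands inside a single-quoted JavaScript
   literal without escaping, so an apostrophe in a translation would break
   this script. The check itself is a convenience only; the address is
   validated again on the server in forgot_tid(). */
echo $hdlang['enter_valid_email']; ?>'); return false;}

return true;
}
//-->
</script>
<form action="index.php" method="POST" name="form1" onSubmit="return hd_checkEmail()">
<p><?php echo $hdlang['tid_mail']; ?>:<br>
<input type="text" name="email" size="30" maxlength="50">
<input type="hidden" name="a" value="forgot_tid">
<input type="submit" value="<?php echo $hdlang['tid_send']; ?>" class="button"></p>
</form>
</div>

<hr>

<p>&nbsp;</p>

<?php
} // End print_start()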


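/**
 * Handle the "forgot tracking ID" form: look up every request filed under
 * the submitted e-mail address, mail the list of tracking IDs (each with a
 * request.php?track=... link) to that address and print a confirmation page.
 *
 * Reads the globals $hd_settings and $hdlang and $_POST['email']. Calls
 * hd_error() when the database is unreachable, the query fails or no request
 * matches the address.
 *
 * Changes from the original:
 *  - the address is compared with "=" instead of LIKE, so "_" and "%" inside
 *    an address are matched literally and a lookup cannot pull in requests
 *    filed under other addresses;
 *  - a missing "email" field no longer raises an undefined-index notice;
 *  - the mail template is read with file_get_contents() and a read failure
 *    is handled instead of passing a failed handle on to fread()/fclose().
 */
function forgot_tid() {
global $hd_settings, $hdlang;

/* A missing field is handed over as null, exactly what the original
   expression evaluated to, so hd_validateEmail() sees the same input. */
$email=hd_validateEmail(isset($_POST['email']) ? $_POST['email'] : null,$hdlang['enter_valid_email']);

/* Prepare request statuses */
$my_status = array(
    0 => $hdlang['open'],
    1 => $hdlang['wait_staff_reply'],
    2 => $hdlang['wait_cust_reply'],
    3 => $hdlang['closed']
);

/* Get request(s) from database */
require_once('inc/database.inc.php');
hd_dbConnect() or hd_error("$hdlang[cant_connect_db] $hdlang[contact_webmsater] $hd_settings[webmaster_mail]!");

/* NOTE(review): $email is interpolated into the SQL text, so this query is
   only as safe as hd_validateEmail(); confirm that it rejects or escapes
   quotes and backslashes, or bind the value through the database layer.
   NOTE(review): on failure the message below shows the SQL text (including
   the submitted address) and mysql_error() to the visitor - consider logging
   these server-side instead. */
$sql = "SELECT * FROM `hd_requests` WHERE `email` = '$email'";
$result = hd_dbQuery($sql) or hd_error("$hdlang[cant_sql]: $sql</p><p>$hdlang[mysql_said]:<br>".mysql_error()."</p><p>$hdlang[contact_webmsater] $hd_settings[webmaster_mail]");
$num=hd_dbNumRows($result);
if ($num < 1) {
    /* NOTE(review): this answer differs from the "sent" page below, so the
       form reveals whether an address has requests on file. */
    hd_error($hdlang['tid_not_found']);
}

/* Build the plain-text list of requests; the greeting name is taken from
   the first row that has a non-empty name. */
$tid_list='';
$name='';
while ($my_request=hd_dbFetchAssoc($result))
{
$name = $name ? $name : $my_request['name'];
$tid_list .= "
$hdlang[trackID]: $my_request[requestid]
$hdlang[subject]: $my_request[subject]
$hdlang[status]: ".$my_status[$my_request['status']]."
$hd_settings[hd_url]/request.php?track=$my_request[requestid]
";
}

/* Get e-mail message for Student */
$message=file_get_contents('emails/forgot_request_id.txt');
if ($message === false) {
    /* Template unreadable: fall back to a body holding only the request
       list so the mail still carries the tracking IDs. */
    $message='%%LIST_requestS%%';
}

$message=str_replace('%%NAME%%',$name,$message);
$message=str_replace('%%NUM%%',$num,$message);
$message=str_replace('%%LIST_requestS%%',$tid_list,$message);
$message=str_replace('%%SITE_TITLE%%',$hd_settings['site_title'] ,$message);
$message=str_replace('%%SITE_URL%%',$hd_settings['site_url'] ,$message);

/* Send e-mail. Both headers come from the settings, not from the request.
   The result of mail() is deliberately not checked, so the confirmation
   page is printed even if delivery could not be started. */
$headers="From: $hd_settings[noreply_mail]\n";
$headers.="Reply-to: $hd_settings[noreply_mail]\n";
@mail($email,$hdlang['tid_email_subject'],$message,$headers);

?>

<p class="smaller"><a href="<?php echo $hd_settings['site_url']; ?>"
class="smaller"><?php echo $hd_settings['site_title']; ?></a> &gt;
<a href="index.php?a=start" class="smaller"><?php echo $hd_settings['hd_title']; ?></a>
&gt; <?php echo $hdlang['tid_sent']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>

<h3 align="center"><?php echo $hdlang['tid_sent']; ?></h3>

<p>&nbsp;</p>

<p align="center"><?php echo $hdlang['tid_sent2']; ?></p>
<p align="center"><b><?php echo $hdlang['check_spambox']; ?></b></p>
<p>&nbsp;</p>
<p align="center"><a href="index.php?a=start"><?php echo $hd_settings['hd_title']; ?></a></p>

<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>

<?php
} // End forgot_tid()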

?>
